Export limit exceeded: 10683 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365471 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2086 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code.
CVE-2005-4832 1 Oracle 1 Oracle10g 2026-04-16 N/A
SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197.
CVE-2006-0878 1 Phpoutsourcing 1 Noahs Classifieds 2026-04-16 N/A
Noah's Classifieds 1.3 allows remote attackers to obtain the installation path via a direct request to include files, as demonstrated by classifieds/gorum/category.php.
CVE-2004-2508 1 Linksys 1 Wvc11b 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the next_file parameter.
CVE-2006-0052 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary.
CVE-2005-4399 1 Libertas Solutions 1 Libertas Enterprise Cms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search/index.php in Libertas Enterprise CMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page_search parameter.
CVE-2004-1626 1 Code-crafters 1 Ability Server 2026-04-16 N/A
Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command.
CVE-2004-1631 1 Openwfe 1 Work Flow Engine 2026-04-16 N/A
Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to conduct port scans of remote hosts by specifying the target in an rmi:// Worklist URL, then using the response times to infer the results.
CVE-2004-1635 1 Mozilla 1 Bugzilla 2026-04-16 N/A
Bugzilla 2.17.1 through 2.18rc2 and 2.19 from cvs, when using the insidergroup feature, does not sufficiently protect private attachments when there are changes to the metadata, such as filename, description, MIME type, or review flags, which allows remote authenticated users to obtain sensitive information when (1) viewing the bug activity log or (2) receiving bug change notification mails.
CVE-2004-1639 1 Mozilla 3 Firefox, Gecko, Mozilla 2026-04-16 N/A
Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows remote attackers to cause a denial of service (application crash or memory consumption) via a large binary file with a .html extension.
CVE-2006-0905 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2026-04-16 N/A
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
CVE-2006-1870 1 Oracle 1 Database Server 2026-04-16 N/A
Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors in the Export component, aka Vuln# DB05. NOTE: details are unavailable from Oracle, but as of 20060427, they have not publicly commented on whether DB05 is the same issue as CVE-2006-2081.
CVE-2006-3370 1 Bb-news 1 Blueboy 2026-04-16 N/A
Blueboy 1.0.3 stores bb_news_config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration.
CVE-2006-0055 1 Freebsd 1 Freebsd 2026-04-16 N/A
The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.
CVE-2006-0066 1 Phpjournaler 1 Phpjournaler 2026-04-16 N/A
SQL injection vulnerability in index.php in PHPjournaler 1.0 allows remote attackers to execute arbitrary SQL commands via the readold parameter.
CVE-2004-1708 1 Shawn Webb 1 Webbsyte Chat 2026-04-16 N/A
Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections.
CVE-2006-1001 1 Lansuite 1 Lanparty Intranet System 2026-04-16 N/A
SQL injection vulnerability in the board module in LanSuite LanParty Intranet System 2.0.6 and 2.1.0 beta allows remote attackers to execute arbitrary SQL commands via the fid parameter.
CVE-2004-1725 1 John Bradley 1 Xv 2026-04-16 N/A
Stack-based buffer overflow in xvbmp.c in XV allows remote attackers to execute arbitrary code via a crafted image file.
CVE-2003-0648 2 Debian, Fte 2 Debian Linux, Fte Text Editor 2026-04-16 N/A
Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code.
CVE-2002-1788 1 Kim Storm 1 Nn 2026-04-16 N/A
Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses.